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(2010). The transmitter (2008) 
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SIGNAL GENERATION AND BROADCASTING 

» 

The present invention relates to a broadcast system, to a conditional access system for 
the broadcast system, to a broadcast and reception system, to apparatus for generating, 
signals (including messages), to analogous methods, and to signals for use with the 
5 aforesaid systems, apparatus and methods. 

In particular, but not exclusively, the invention relates to a mass-market broadcast 
system having some or all of the following preferred features:- 

It is an information broadcast system, preferably a radio and/or television 

broadcast system ™ 

10 • It is a satellite system (although it could be applicable to cable or terrestrial 
transmission) 

It is a digital system, preferably using the MPEG, more preferably the MPEG- 
2, compression system for data/signal transmission 
It affords the. possibility of interactivity. 

Again, in particular but not exclusively, the invention relates to a Subscriber 
Authorization System (SAS) forming part of a conditional access system for a 
broadcast system. By an SAS is preferably meant any device, apparatus or system for 
authorizing users to have access to the conditional access system, regardless of the end 
use. The SAS might be for use with a radio and/or television broadcast system, but 
equally could be for authorizing users, for example, in computer networks, in parking 
lots, and so on. The SAS preferably also has the function of generating suitable 
entitlement messages. 

A function of known Subscriber Authorization Systems is to manage access rights to 
television programmes, available as commercial offers and sold according to different 
25 modes of commercialisation (subscription mode, pre-book mode, impulse mode). The 
SAS, according to those rights and to information received from a Subscriber 
Management System (SMS), generates using a message generator so-called 
"Entitlement Management Messages" (EMMs) which are broadcast by a message 
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emitter via a multiplexer to a receiver/decoder of the subscriber to authorize him/her. 

In a known system, the message emitter has no ability to sense or control what it emits 
to the multiplexer. Hence it has been realized pursuant to the present invention that 
it is possible that the message emitter may transmit back to back two EMMs which 
5 are to be received and decoded by the receiver/decoder. In such circumstances, it is 
possible that if the EMMs are insufficiently separated the receiver/decoder will be 
unable to sense and decode properly the second of the EMMs. This may create severe 
authorization problems. 

The present invention in a first aspect seeks to solve this and other problems. 

10 According to a first aspect of the present invention, there is provided apparatus for 
repetitively generating a set of messages, comprising: 
means for generating a plurality of messages; 

means for repetitively randomizing the sequence of the messages to form a 
plurality of sets of such messages, so that the messages of each set are in random 
15 sequence; and 

means for outputting the plurality of sets of messages. 

By repetitively randomizing the sequence of the messages the chance of two messages 
being broadcast only back to back after a number of repetitions can be made 
negligibly small. 

20 Preferably, the message generating means includes means for storing the generated 
messages, and, if so, the randomizing means is preferably arranged to form each said 
set of messages by retrieving the messages in random sequence from the storage 
means. This can be a particularly efficient way of putting the invention into practice, 
since the messages do not then have to be generated again each time the sequence of 

25 the messages is randomized. 

For ease of access, the storage means is preferably arranged to store the messages in 
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an at least two-dimensional array. Further dimensions may be added, for example to 
represent the different operators for whom the messages may be generated. 

Preferably, the apparatus further comprises -means coupled to- the output means for 
varying the rate at which the plurality of sets of messages is output. In this way any 
5 bitrate directive from the multiplexer can be taken account of. 

For the same reason, the apparatus preferably further comprises means coupled to the 
storage means for evaluating the size of the messages stored in the storage means, and 
means coupled to the output means for varying the rate at which the plurality of sets 
of messages is output, in dependence upon the said size of the messages. 

10 Preferably, the generating means and the randomizing means are coupled via a First 
In First Out device. Since these two components may be a large distance apart, 
provision of the FIFO device can allow them effectively to run independently in case 
of failure of one of them. For the same reason, the output means preferably includes 
means for storing at least one of the sets of messages, so that, again, it can effectively 

15 operate in standalone mode. 

A plurality of output means may be provided, in which case the apparatus preferably 
further comprises a multiplexer for receiving the plurality of sets of messages output 
by said plurality of output means. 

The present invention extends to an access control system for a broadcast and 
20 reception system, said access control system including, at the broadcast end, apparatus 
as aforesaid, and, at the reception end, a device for receiving said messages. 

The message may be an entitlement message for broadcast to the receiving device. 
In turn, the entitlement message may be an EMM or ECM. In the preferred 
embodiment, the output means comprises an EMM Injector for injecting EMMs into 
25 the stream of data to be broadcast. 
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The present invention further extends to a broadcast and reception system including 
an access control system as aforesaid; the system may be for the digital broadcast of 
television programmes. 

The present invention also extends to a method of repetitively generating a set of 
5 messages, comprising: 

generating a plurality of messages; 

repetitively randomizing the sequence of the messages to form a plurality of 
sets of such messages, so that the messages of each set are in random sequence; and 
outputting the plurality of sets of messages/- 

10 Preferably, the method includes the step of storing messages generated in the 
generating step, and in the randomizing step preferably each said set of messages is 
formed by retrieving the messages in random sequence. 

The invention also provides a method of controlling access of a user to a broadcast 
and reception system, including, at the broadcast end, a method of repetitively 
15 generating a set of messages as aforesaid, and, at the reception end, the step of 
receiving said messages. Preferably, the message is an entitlement message for 
reception by the receiving step. 

A further aspect of the present invention is now discussed. Conventionally in the 
broadcast of a digital bitstream, information is transmitted as a packet of digital data 
20 and an identifier for the packet; the identifier is at least two bytes in length. 

According to the present invention, preferably the output means referred to before is 
arranged to output the plurality of sets of messages as a digital signal including a 
packet (more preferably several packets) of digital data and an identifier for the 
packet, the identifier being less than two bytes (and preferably one byte or less) in 
25 length. This can result in a reduced bandwidth requirement. 

The feature is provided independently. Hence, according to a second aspect of the 



iNSDOCID: <WO 9843430A1_I_> 




* WO 98/43430 PCI7EP97/02106 

- 5 - 

present invention, there is provided apparatus for generating a digital signal comprising 
a packet of digital data and an identifier for the packet, comprising: 

means for generating the packet of data; and 

means for generating the identifier; 
5 wherein: 

the identifier generating means is arranged to generate an identifier which is 
less than two bytes in length. 

The identifier may comprise an identity parameter and a length parameter, in which 
case preferably these parameters are each 4 bits in tength for ease of implementation. 

1 0 Preferably, the digital value of the length parameter is not directly proportional to the 
actual length of the packet. This can permit a greater range of actual length of the 
packet than the range of the digital value of the length parameter. The apparatus may 
further comprise means for storing a look-up table giving the correspondence between 
the digital value of the length parameter and the actual length of the packet. 

1 5 This aspect of the present invention also extends to a broadcast and reception system 
including, at the broadcast end, apparatus as aforesaid, and, at the reception end, a 
device for receiving said signal. 

Furthermore, in the method as aforesaid the plurality of messages may be output as 
a digital signal comprising a packet of digital data and an identifier for the packet, the 
20 identifier being less than two bytes in length. 

In its independent method form, the second aspect of the present invention provides 
a method of generating a digital signal comprising a packet of digital data and an 
identifier for the packet, comprising: 

generating the packet of data; and 
25 generating the identifier; 

wherein: 

the identifier is less than two bytes in length. 
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Preferably, the identifier comprises an identity parameter and a length parameter. 
Preferably also, the digital value of the length parameter is not directly proportional 
to the actual length of the packet. 

The second aspect of the present invention also provides a digital signal, comprising: 
5 a packet of digital data; and 

an identifier for the packet; 
wherein: 

the identifier is less than two bytes in length. 

Preferably, the identifier comprises an identity parameter and a length parameter, the 
10 identity and length parameters are each 4 bits in length, and the digital value of the 
length parameter is not directly proportional to the actual length of the packet. 

A third aspect of the present invention is now discussed. Conventional broadcast 
systems are typically subject to severe bandwidth restraints. 

Therefore, preferably, if the broadcast and reception system as aforesaid further 
15 comprises means for broadcasting data, it also comprises means for producing a 
control command representative of a characteristic of the data, and the output means 
includes means for repetitively broadcasting the plurality of sets of messages, at a 
variable repetition rate, and for varying the repetition rate in response to the control 
command: 

20 This feature is, in the third aspect of the present invention, provided independently. 
According to this third aspect, there is provided a broadcast system, comprising: 
means for broadcasting data; 

means for producing a control command representative of a characteristic of 
the data; and 

25 means for repetitively broadcasting a message, at a variable repetition rate; said 

message broadcasting means being arranged to vary the repetition rate in response to 
the control command. 
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By varying the repetition rate in response to the control command, bandwidth can be 
allocated dynamically for specific messages. 

In the preferred embodiment, the data are signals representative of programme events 
' (preferably digital television or radio programme events), and the means for producing 
the control command is arranged to produce the command to be representative of the 
time of broadcast of a particular programme event, and preferably further the message 
is an EMM. This aspect of the invention is particularly relevant to Pay Per View 
events, where the demand by viewers for authorization to watch a particular PPV 
event will generally vary according to the proximity of the event. 

Thie control command may be produced by the programme broadcaster, possibly 
through a so-called "Server for Programme Broadcaster" (SPB). 



Preferably, said message broadcasting means is arranged to vary the repetition rate 
near the time of broadcast of the event. Preferably also, said message broadcasting 
means is arranged to increase the repetition rate before the time of broadcast of the 
1 5 event, as well as to increase the repetition rate during the time of broadcast of the 
event. 



For example, for a particular PPV programme event the increased rate may start 
perhaps 30, 20, 15, 10 or 5 minutes before the time of broadcast of the event, and may 
continue until perhaps one half of, three-quarters of or even the entirety of the event 
20 has elapsed. The lower rate may be one broadcast every 30 or 15 minutes, whilst the 
increased rate may be one broadcast every 2 or one minutes or every 30 seconds. The 
actual rate naturally does not have to be exactly the figures mentioned; intermediate 
figures are also possible, and the lower rate may be slower than once every 30 minutes 
and the increased rate may be faster than once every 30 seconds. 



25 The third aspect of the invention extends to a broadcast and reception system 
including, at the broadcast end, a system as aforesaid, and, at the reception end, a 
device for receiving the broadcast data and messages. 
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This aspect also provides a method of broadcasting, comprising: 
broadcasting data; 

producing a control command representative of a characteristic of the data; and 
repetitively broadcasting a message, at a variable repetition rate which is varied 
5 in response to the control command. 

Preferably, the data are signals representative of programme events, and the control 
message is representative of the time of broadcast of a particular programme event. 

Preferably also, the repetition rate is varied near the time of broadcast of the event. 
More preferably, the repetition rate is increased before as well, preferably, as during 
10 the time of broadcast of the event. 

In conventional conditional access systems problems can arise from failure of the 
linkage between the SMS and the SAS, given that these may be some physical 
distance apart. 

According to a fourth aspect of the present invention, there is provided a conditional 
access system for affording conditional access to subscribers, comprising: 
a subscriber management system (SMS); and 

a subscriber authorization system (SAS) coupled to the subscriber management 
system, said authorization system comprising means for generating subscriber renewal 
commands and means for authorizing renewal of the subscribers in dependence on 
such commands. 

By placing the means for generating subscriber renewal commands in the SAS, rather 
than in the SMS as hitherto, command exchange between the SAS and SMS can be 
minimized. Hence also, the requirement for interoperability of the SAS and SMS can 
be reduced. 

25 The fourth aspect of the invention also provides a conditional access system for 
affording conditional access to subscribers, comprising: 
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20 
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a subscriber management system for managing the subscribers, including a 
database with subscriber information and means for generating (preferably from the 
database) a stop command that a particular subscription is to be stopped; and 

a subscriber authorization system, for authorizing the subscribers, coupled to 
5 the subscriber management system, and arranged to receive the stop command; the 
subscriber authorization system comprising means for generating a subscriber renewal 
command for each subscriber in dependence on the stop command for that subscriber 
and means for authorizing renewal of the subscribers in dependence on the subscriber 
renewal commands. 

1 0 Preferably, the subscriber management system includes means for generating (again 
preferably from the database) a start command that a particular subscription is to be 
started, and the subscriber renewal command generating means of the subscriber 
authorization system is arranged to generate each subscriber renewal command in 
further dependence on the start command. Hence the SAS can handle not only 

15 renewal of existing subscribers but also initial renewal and authorization of new 
subscribers. 

The subscriber authorization system may also include a database with subscriber 
information, in which case it preferably also includes means for updating the 
information in that database in dependence on the information in the subscriber 
20 management system database. This can protect against failure of the link between the 
SMS and SAS. 

For the same reason, a First In First Out Device is provided between the subscriber 
renewal command generating means and the renewal authorizing means, to average 
flow of commands and ensure that no command is lost in the event of failure. 

25 The renewal authorizing means may include output means for outputting authorization 
entitlement messages to the subscribers, to authorize renewal. In the preferred 
embodiment, these messages are EMMs. 
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The subscriber authorization system may be capable of providing special rights (such 



for example as free rights for a limited period) for new subscribers. This can afford 
versatility to the system. 

The invention extends to a conditional access system, being for a broadcast and 
5 reception system, said system comprising, at the broadcast end, a system as aforesaid, 
and further comprising, at the reception end, a device for receiving said messages. 

The invention further extends to a broadcast and reception system including a 
conditional access system as aforesaid. The system typically is for the broadcast of 
digital television or radio programmes. 

10 Preferred features of the present invention will now be described, purely by way of 
example, with reference to the accompanying drawings, in which: - 

Figure 1 shows the overall architecture of a digital television system according to the 
preferred embodiment of the present invention; 

Figure 2 shows the architecture of a conditional access system of the digital television 
15 system; 

Figure 3 shows the structure of an Entitlement Management Message used in the 
conditional access system; 

Figure 4 is a schematic diagram of the hardware of a Subscriber Authorisation System 
(SAS) according to a preferred embodiment of the present invention; 

20 Figure 5 is a schematic diagram of the architecture of the SAS; 

Figure 6 is a schematic diagram of a Subscriber Technical Management server forming 
part of the SAS; 



JNSDOCID: <WO 9843430A1_I_> 



WO 98/43430 




PCT/EP97/02106 



Figure 7 is a flow diagram of the procedure for automatic renewal of subscriptions as 
implemented by the SAS; 

Figure 8 is a schematic diagram of a group_subscription bitmap used in the automatic 
renewal procedure; 

5 Figure 9 shows the structure of an EMM used in the automatic renewal procedure; 
Figure 10 shows in detail the structure of the EMM; 

Figure 1 1 is a schematic diagram of an order centralized server when used to receive 
commands directly through communications servers; 

Figure 12 illustrates diagrammatically a part of Figure 2 showing one embodiment of 
10 the present invention; 

Figure 13 is a schematic diagram of the order centralized server when used to receive 
commands from the subscriber authorization system to request a callback; 

Figure 14 is a schematic diagram of the communications servers; 

Figure 1 5 shows the manner in which EMM emission cycle rate is varied according 
1 5 to the timing of a PPV event; 

Figure 16 is a schematic diagram of a Message Emitter used to emit EMMs; 

Figure 17 is a schematic diagram showing the manner of storage of EMMs within the 
Message Emitter; 

Figure 1 8 is a schematic diagram of a smartcard; 
20 Figure 19 is a schematic diagram of an arrangement of zones in the memory of the 
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smartcard; and 

Figure 20 is a schematic diagram of a PPV event description. 

An overview of a digital television, broadcast and reception system 1000 according to 
the present invention is shown in Figure 1. The invention includes a mostly 
5 conventional digital television system 2000 which uses the known MPEG-2 
compression system to transmit compressed digital signals. In more detail, MPEG-2 
compressor 2002 in a broadcast centre receives a digital signal stream (typically a 
stream of video signals). The compressor 2002 is connected to a multiplexer and 
scrambler 2004 by linkage 2006. The multiplexer 2004 receives a plurality of further 

10 r input signals, assembles one or more transport streams and transmits compressed 
digital signals to a transmitter 2008 of the broadcast centre via linkage 2010, which 
can of course take a wide variety of forms including telecom links. The transmitter 
2008 transmits electromagnetic signals via uplink 2012 towards a satellite transponder 
2014, where they are electronically processed and broadcast via notional downlink 

15 2016 to earth receiver 2018, conventionally in the form of a dish owned or rented by 
the end user. The signals received by receiver 2018 are transmitted to an integrated 
receiver/decoder 2020 owned or rented by the end user and connected to the end 
user's television set 2022. The receiver/decoder 2020 decodes the compressed MPEG- 
2 signal into a television signal for the television set 2022. 

20 A conditional access system 3000 is connected to the multiplexer 2004 and the 
receiver/decoder 2020, and is located partly in the broadcast centre and partly in the 
decoder. It enables the end user to access digital television broadcasts from one or 
more broadcast suppliers. A smartcard, capable of decrypting messages relating to 
commercial offers (that is, one or several television programmes sold by the broadcast 

25 supplier), can be inserted into the receiver/decoder 2020. Using the decoder 2020 and 
smartcard, the end user may purchase events in either a subscription mode or a pay- 
per-view mode. 

An interactive system 4000, also connected to the multiplexer 2004 and the 



3NSDOC1D: <WO 9843430A1 J_> 



WO 98/43430 PCT/EP97/02106 

- 13 - 

receiver/decoder 2020 and again located partly in the broadcast centre and partly in 
the decoder, enables the end user to interact with various applications via a 
modemmed back channel 4002. 

' The conditional access system 3000 is now described in more detail. 

5 With reference to Figure 2, in overview the conditional access system 3000 includes 
a Subscriber Authorization System (SAS) 3002. The SAS 3002 is connected to one 
or more Subscriber Management Systems (SMS) 3004, one SMS for each broadcast 
supplier, by a respective TCP-IP linkage 3006 (although other types of linkage could 
alternatively be used). Alternatively, one SMS could be shared between two broadcast 

10 suppliers, or one supplier could use two SMSs, and so on. 

First encrypting units in the form of ciphering units 3008 utilising "mother" smartcards 
3010 are connected to the SAS by linkage 3012. Second encrypting units again in the 
form of ciphering units 3014 utilising mother smartcards 3016 are connected to the 
multiplexer 2004 by linkage 3018. The receiver/decoder 2020 receives a "daughter" 
15 smartcard 3020. It is connected directly to the SAS 3002 by Communications Servers 
3022 via the modemmed back channel 4002. The SAS sends amongst other things 
subscription rights to the daughter smartcard on request. 

The smartcards contain the secrets of one or more commercial operators. The 
"mother" smartcard encrypts different kinds of messages and the "daughter" smartcards 
20 decrypt the messages, if they have the rights to do so. 

The first and second ciphering units 3008 and 3014 comprise a rack, an electronic 
VME card with software stored on an EEPROM, up to 20 electronic cards and one 
smartcard 3010 and 3016 respectively, for each electronic card, one (card 3016) for 
encrypting the ECMs and one (card 3010) for encrypting the EMMs. 

25 The operation of the conditional access system 3000 of the digital television system 
will now be described in more detail with reference to the various components of the 
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television system 2000 and the conditional access system 3000. 
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Multiplexer and Scrambler 

With reference to Figures 1 and 2, in the broadcast centre, the digital video signal is 
first compressed (or bit rate reduced), using the MPEG-2 compressor 2002. This 
5 compressed signal is then transmitted to the multiplexer and scrambler 2004 via the 
linkage 2006 in order to be multiplexed with other data, such as other compressed 
data. 

The scrambler generates a control word used in the, scrambling process and included 
in the MPEG-2 stream in the multiplexer 2004. The control word is generated 
10 internally and enables the end user's integrated receiver/decoder 2020 to descramble 
the programme. . . 

Access criteria, indicating how the programme is commercialised, are also added to 
the MPEG-2 stream. The programme may be commercialised in either one of a 
number of "subscription" modes and/or one of a number of "Pay Per View" (PPV) 

15 modes or events. In the subscription mode, the end user subscribes to one or more 
commercial offers, or "bouquets", thus getting the rights to watch every channel inside 
those bouquets. In the preferred embodiment, up to 960 commercial offers may be 
selected from a bouquet of channels. In the Pay Per View mode, the end user is 
provided with the capability to purchase events as he wishes. This can be achieved 

20 by either pre-booking the event in advance ("pre-book mode"), or by purchasing the 
event as soon as it is broadcast ("impulse mode"). In the preferred embodiment, all 
users are subscribers, whether or not they watch in subscription or PPV mode, but of 
course PPV viewers need not necessarily be subscribers. 

Both the control word and the- access criteria are used to build an Entitlement Control 
25 Message (ECM); this is a message sent in relation with one scrambled program; the 
message contains a control word (which allows for the descrambling of the program) 
and the access criteria of the broadcast program. The access criteria and control word 
are transmitted to the second encrypting unit 3014 via the linkage 3018. In this unit, 
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an ECM is generated, encrypted and transmitted on to the multiplexer and scrambler 
2004. 

Each service broadcast by a broadcast supplier in a data stream comprises a number 
of distinct components; for example a television programme includes a video 
5 component, an audio component, a sub-title component and so on. Each of these 
components of a service is individually scrambled and encrypted for subsequent 
broadcast to the transponder 2014. In respect of each scrambled component of the 
service, a separate ECM is required. 

Programme Transmission 

10 The multiplexer 2004 receives electrical signals comprising encrypted EMMs from the 
SAS 3002, encrypted ECMs from the second encrypting unit 3014 and compressed 
programmes from the compressor 2002. The multiplexer 2004 scrambles the 
programmes and transmits the scrambled programmes, the encrypted EMMs and the 
encrypted ECMs as electric signals to a transmitter 2008 of the broadcast centre via 

15 linkage 2010. The transmitter 2008 transmits electromagnetic signals towards the 
satellite transponder 2014 via uplink 2012. 

Programme Reception 

The satellite transponder 2014 receives and processes the electromagnetic signals 
transmitted by the transmitter 2008 and transmits the signals on to the earth receiver 
20 2018, conventionally in the form of a dish owned or rented by the end user, via 
downlink 2016. The signals received by receiver 2018 are transmitted to the 
integrated receiver/decoder 2020 owned or rented by the end user and connected to the 
end user's television set 2022. The receiver/decoder 2020 demultiplexes the signals 
to obtain scrambled programmes with encrypted EMMs and encrypted ECMs. 

25 If the programme is not scrambled, that is, no ECM has been transmitted with the 
MPEG-2 stream, the receiver/decoder 2020 decompresses the data and transforms the 
signal into a video signal for transmission to television set 2022. 
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If the programme is scrambled, the receiver/decoder 2020 extracts the corresponding 
ECM from the MPEG-2 stream and passes the ECM to the "daughter" smartcard 3020 
of the end user. This slots into a housing in the receiver/decoder 2020. The daughter 
smartcard 3020 controls whether the end user has the right to decrypt the ECM and 
5 to access the programme. If not, a negative status is passed to the jeceiver/decoder 
2020 to indicate that the programme cannot be descrambled. If the end user does have 
the rights, the ECM is decrypted and the control word extracted. The decoder 2020 
can then descramble the programme using this control word. The MPEG-2 stream is 
decompressed and translated into a video signal for onward transmission to television 
10 set 2022. 

Subscriber>Management System (SMS) 

A Subscriber Management System (SMS) 3004 includes a database 3024 which 
manages, amongst others, all of the end user files, commercial offers (such as tariffs 
and promotions), subscriptions, PPV details, and data regarding end user consumption 
15 and authorization. The SMS may be physically remote from the SAS. 

Each SMS 3004 transmits messages to the SAS 3002 via respective linkage 3006 
which imply modifications to or creations of Entitlement Management Messages 
(EMMs) to be transmitted to end users. 

The SMS 3004 also transmits messages to the SAS 3002 which imply no 
20 modifications or creations of EMMs but imply only a change in an end user's state 
(relating to the authorization granted to the end user when ordering products or to the 
amount that the end user will be charged). 

As described later, the SAS 3002 sends messages (typically requesting information 
such as call-back information or billing information) to the SMS 3004, so that it will 
25 be apparent that communication between the two is two-way. 

Entitlement Management Messages (EMMs) 

The EMM is a message dedicated to an individual end user (subscriber), or a group 
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of end users, only (in contrast with an ECM, which is dedicated to one scrambled 
programme only or a set of scrambled programmes if part of the same commercial 
offer). Each group may contain a given number of end users. This organisation as 
a group aims at optimising the bandwidth; that is, access to one group can permit the 
5 reaching of a great number of end users. 

Various specific types of EMM are used in putting the present invention into practice. 
Individual EMMs are dedicated to individual subscribers, and are typically used in the 
provision of Pay Per View services; these contain the group identifier and the position 
of the subscriber in that group. So-called "Group"subscription EMMs are dedicated 

-re 

\S to groups of, say, 256 individual users, and are typically used in the administration of 
some subscription services. This EMM has a group identifier and a subscribers' 
group bitmap. Audience EMMs are dedicated to entire audiences, and might for 
example be used by a particular operator to provide certain free services. An 
"audience" is the totality of subscribers having smartcards which bear the same 

15 Operator Identifier (OPI). Finally, a "unique" EMM is addressed to the unique 
identifier of the smartcard. 

The structure of a typical EMM is now described with reference to Figure 3. 
Basically, the EMM, which is implemented as a series of digital data bits, comprises 
a header 3060, the EMM proper 3062, and a signature 3064. The header 3060 in turn 

20 comprises a type identifier 3066 to identify whether the type is individual, group, 
audience or some other type, a length identifier 3068 which gives the length of the 
EMM, an optional address 3070 for the EMM, an operator identifier 3072 and a key 
identifier 3074. The EMM proper 3062 of course varies greatly according to its type. 
Finally, the signature 3064, which is typically of 8 bytes long, provides a number of 

25 checks against corruption of the remaining data in the EMM. 

Subscriber Authorizatio n System (SAS) 

The messages generated by the SMS 3004 are passed via linkage 3006 to the 
Subscriber Authorization System (SAS) 3002, which in turn generates messages 
acknowledging receipt of the messages generated by the SMS 3004 and passes these 
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acknowledgements to the SMS 3004. 

As shown in Figure 4, at the hardware level the SAS comprises in known fashion a 
mainframe computer 3050 (in the preferred embodiment a DEC machine) connected 
to one or more keyboards 3052 for data and command input, one or more Visual 
Display Units (VDUs) 3054 for display of output information and data storage means 
3056. Some redundancy in hardware may be provided. 

At the software level the SAS runs, in the preferred embodiment on a standard open 
VMS operating system, a suite of software whose., architecture is now described in 
overview with reference to Figure 5; it will be understood that the software could 
alteratively be implemented in hardware. 
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In overview the SAS comprises a Subscription Chain area 3100 to give rights for 
subscription mode and to renew the rights automatically each month, a Pay Per View 
Chain area 3200 to give rights for PPV events, and an EMM Injector 3300 for passing 
EMMs created by the Subscription and PPV chain areas to the multiplexer and 
scrambler 2004, and hence to feed the MPEG stream with EMMs. If other rights are 
to be granted, such as Pay Per File (PPF) rights in the case of downloading computer 
software to a user's Personal Computer, other similar areas are also provided. 

One function of the SAS 3002 is to manage the access rights to television 
programmes, available as commercial offers in subscription mode or sold as PPV 
events according to different modes of commercialisation (pre-book mode, impulse 
mode). The SAS 3002, according to those rights and to information received from the 
SMS 3004, generates EMMs for the subscriber. 

The Subscription Chain area 3100 comprises a Command Interface (CI) 3102, a 
Subscriber Technical Management (STM) server 3104, a Message Generator (MG) 
3106, and the Ciphering Unit 3008. 



The PPV Chain area 3200 comprises an Authorisation Server (AS) 3202, a relational 
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database 3204 for storing relevant details of the end users, a local blacklist database 
3205, Database Servers 3206 for the database, an Order Centralized Server (OCS) 
3207, a Server for Programme Broadcaster (SPB) 3208, a Message Generator (MG) 
3210 whose function is basically the same as^that for the Subscription Chain area and 
5 is hence not described further in any detail, and the Ciphering Unit 3008. 

The EMM Injector 3300 comprises a plurality of Message Emitters (MEs) 3302, 3304, 
3306 and 3308 and Software Multiplexers (SMUXs) 3310 and 3312. In the preferred 
embodiment, there are two MEs, 3302 and 3304 for the Message Generator 3106, with 
the other two MEs 3306 and 3308 for the Message- Generator 3210.' MEs 3302 and 
10 3306 are connected to the SMUX 3310 whilst MEs 3304 and 3308 are connected to 
the SMUX 3312. 

Each of the three main components of the SAS (the Subscription Chain area, the PPV 
Chain area and the EMM Injector) are now considered in more detail. 

Subscription Chain Area 

15 Considering first the Subscription Chain area 3100, the Command Interface 3102 is 
primarily for despatching messages from the SMS 3004 to the STM server 3104, as 
well as to the OCS 3206, and from the OCS to the SMS. The Command Interface 
takes as input from the SMS either direct commands or batch files containing 
commands. It performs syntactic analysis on the messages coming from the STM 

20 server, and is able to emit accurate messages when an error occurs in a message 
(parameter out of range, missing parameter, and so on). It traces incoming commands 
in textual form in a trace file 3110 and also in binary form in a replay file 31 12 in 
order to be able to replay a series of commands. Traces can be disabled and the size 
of files limited. 

25 Detailed discussion of the STM server 3104 is now provided with particular reference 
to Figure 6. The STM server is effectively the main engine of the Subscription Chain 
area, and has the purpose of managing free rights, the creation of new subscribers and 
the renewal of existing subscribers. As shown in the figure, commands are passed on 
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to the Message Generator 3106, albeit in a different format from that in which the 
commands are passed to the STM server. For each command, the STM server is 
arranged to send an acknowledgement message to the CI only when the relevant 
command has been successfully processed and sent to the MG. 

5 The STM server includes a subscriber database 3120, in which all the relevant 
parameters of the subscribers are stored (smartcard number, commercial offers, state, 
group and position in the group, and so on). The database performs semantic checks 
of the commands sent by the CI 3102 against the content of the database, and updates 
the database when the commands are valid. 

10 The STM server further manages a First In First Out (FIFO) buffer 3122 between the 
STM server and the MG, as well as a backup disk FIFO 3124. The purpose of the 
FIFOs is to average the flow of commands from the CI if the MG is not able to 
respond for a while for any reason. They can also ensure that in the case of a crash 
of the STM server or MG no command will be lost, since the STM server is arranged 

15 to empty (that is, send to the MG) its FIFOs when restarted. The FIFOs are 
implemented as files. 

The STM server includes at its core an automatic renewal server 3126 which 
automatically generates renewals, and, if required by the operators, free rights. In this 
context, the generation of renewals may be thought of as including the generation of 
20 rights for the first time, although it will be understood that the generation of new 
rights is initiated at the SMS. As will become apparent, the two can be treated by 
roughly the same commands and EMMs. 

Having the STM separate from the SAS, and the automatic renewal server within the 
, SAS rather than (in known systems) in the SMS 3004, is a particularly important 
25 feature, since it can significantly reduce the number of commands which need to be 
passed from the SMS to the SAS (bearing in mind that the SMS and SAS may be in 
different locations and operated by different operators). In fact, the two main 
commands required from the SMS are merely commands that a new subscription 
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should be started and that an existing subscription should be stopped (for example in 
the case of non-payment). By minimising command exchange between the SMS and 
SAS, the possibility of failure of command transfer in the linkage 3006 between the 
- two is reduced; also, the design of the SMS does not need to take into, account the-.. 
5 features of the conditional access system 3000 generally. 

Automatic renewal proceeds in the fashion indicated in the flow diagram of Figure 7. 
In order to reduce bandwidth, and given that a very high percentage of all renewals 
are standard, renewal proceeds in groups of subscribers; in the preferred embodiments 
there are 256 individual subscribers per group. The flow diagram begins with the start 
10 step 3130, and proceeds to"step 3132 where a monthly activation of the renewal 
function is made (although of course it will be appreciated that other frequencies are 
also possible). With a monthly frequency, rights are given to the end user for the 
current month and all of the following month, at which point they expire if not 
renewed. 

15 In step 3134 the subscriber database 3120 is accessed in respect of each group and 
each individual within that group to determine whether rights for the particular 
individual are to be renewed. 

In step 3136, a group subscription bitmap is set up according to the contents of the 
subscriber database, as shown in Figure 8. The bitmap comprises a group identifier 
20 (in this case Group 1 - "Gl") 3138 and 256 individual subscriber zones 3140. The 
individual bits in the bitmap are set to 1 or zero according to whether or not the 
particular subscriber is to have his rights renewed. A typical set of binary data is 
shown in the figure. 

In step 3142 the appropriate commands, including the group subscription bitmap, are 
25 passed to the Message Generator 3106. In step 3143 the Message Generator sets an 
obsolescence date to indicate to the smartcard the date beyond which the particular 
subscription EMM is not valid; typically this date is set as the end of the next month. 
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In step 3144 the Message Generator generates from the commands appropriate group 
subscription EMMs and asks the Ciphering Unit 3008 to cipher the EMMs, the 
ciphered EMMs being then passed to the EMM Injector 3300, which, in step 3146, 
injects the EMMs into the MPEG-2 data stream. 

Step 3148 indicates that the above described procedure is repeated for each and every 
group. The process is finally brought to an end at stop step 3150. 

The flow diagram described above with reference to Figure 7 relates in fact 
specifically to the renewal of subscriptions. The STM also manages in a similar way 
free audience rights and new subscribers. 

In the case of free audience rights, available for specific television programmes or 
groups of such programmes, these are made available by the STM issuing a command 
to the Message Generator to generate appropriate audience EMMs (for a whole 
audience) with an obsolescence date a given number of days (or weeks) hence. The 
MG computes the precise obsolescence date based on the STM command. 

1 5 In the case of new subscribers, these are dealt with in two stages. Firstly, on purchase 
the smartcard in the receiver/decoder 2020 (if desired by the operator) affords the 
subscriber free rights for a given period (typically a few days). This is achieved by 
generating a bitmap for the subscriber which includes the relevant obsolescence date. 
The subscriber then passes his completed paperwork to the operator managing the 

20 subscriber (at the SMS). Once the paperwork has been processed, the SMS supplies 
to the SAS a start command for that particular subscriber. On receipt by the SAS of 
the start command, the STM commands the MG to assign a unique address to the new 
subscriber (with a particular group number and position within the group) and to 
generate a special, so-called "commercial offer" subscription EMM (as opposed to the 

25 more usual "group" subscription EMM used for renewals) to provide the particular 
subscriber with rights until the end of the next month. From this point renewal of the 
subscriber can occur automatically as described above. By this two stage process it 
is possible to grant new subscribers rights until the SMS issues a stop command. 
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It is to be noted that the commercial offer subscription EMM is used for new 
subscribers and for reactivation of existing subscribers. The group subscription EMM 
is used for renewal and suspension purposes. 

With reference to Figure 9, a typical subscription EMM proper (that is, ignoring the 
5 header and signature) generated by the above procedure comprises the following main 
portions, namely typically a 256 bit subscription (or subscribers' group) bitmap 3152, 
128 bits of management ciphering keys 3154 for the ciphering of the EMM, 64 bits 
of each exploitation ciphering key 3156 to enable the smartcard 3020- to decipher a 
control word to provide access to broadcast programmes, and 16 bits of obsolescence 
10 r, date 3158 to indicate the date beyond which the smartcard will ignore the EMM. In 
fact in the preferred embodiment three exploitation keys are provided, one set for the 
present month, one set for the next month, and one for resume purposes in the event 
of system failure. 

In more detail, the group subscription EMM proper has all of the above components, 
15 except the management ciphering keys 3154. The commercial offer subscription 
EMM proper (which is for an individual subscriber) includes instead of the full 
subscribers' group bitmap 3152 the group ID followed by the position in the group, 
and then management ciphering keys 3154 and three exploitation keys 3 156, followed 
by the relevant obsolescence date 3158. 

20 The Message Generator 3 106 serves to transform commands issued by the STM server 
3104 into EMMs for passing to the Message Emitter 3302. With reference to Figure 
5, firstly, the MG produces the EMMs proper and passes them to the Ciphering Unit 
3008 for ciphering with respect to the management and exploitation keys. The CU 
completes the signature 3064 on the EMM (see Figure 3) and passes the EMM back 

25 to the MG, where the header 3060 is added. The EMMs which are passed to the 
Message Emitter are thus complete EMMs. The Message Generator also determines 
the broadcast start and stop time and the rate of emission of the EMMs, and passes 
these as appropriate directions along with the EMMs to the Message Emitter. The MG 
only generates a given EMM once; it is the ME which performs its cyclic 
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transmission. 

Again with reference to Figure 5, the Message Generator includes its own EMM 

database 3 160 which, for the lifetime of the relevant EMM, stores'it. It is erased once 

.* 

its emission duration has expired. The database is used to ensure consistency between 
5 the MG and ME, so that for example when an end user is suspended the ME will not 
continue to send renewals. In this regard the MG computes the relevant operations 
and sends them to the ME. 

On generation of an EMM, the MG assigns a unique identifier to the EMM. When 
the MG passes the EMM to the ME, it also passes the EMM ID. This enables 
identification of a particular EMM at both the MG and the ME. 

Also concerning the Subscription Chain area, the Message Generator includes two 
FIFOs 3162 and 3164, one for each of the relevant Message Emitters 3302 and 3304 
in the EMM Injector 3300, for storing the ciphered EMMs. Since the Subscription 
Chain area and EMM Injector may be a significant distance apart, the use of FIFOs 
can allow full continuity in EMM transmission even if the links 3166 and 3168 
between the two fail. Similar FIFO's are provided in the Pay Per View Chain area. 

One particular feature of the Message Generator in particular and the conditional 
access system in general concerns the way that it reduces the length of the EMM 
proper 3062 by mixing parameter length and identifier to save space. This is' now 
described with reference to Figure 10 which illustrates an exemplary EMM (in fact a 
PPV EMM, which is the simplest EMM). The reduction in length occurs in the Pid 
(Packet or "Parameter" identifier) 3 1 70. This comprises two portions, the actual ID 
3172, and the length parameter for the packet 3174 (necessary in order that the start 
of the next packet can be identified). The whole Pid is expressed in just one byte of 
information, 4 bits being reserved for the ID, and four for the length. Because 4 bits 
is not sufficient to define the length in true binary fashion, a different correspondence 
between the bits and the actual length is used, this correspondence being represented 
in a look-up table, stored in storage area 3178 in the Message Generator (see Figure 
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5). The correspondence is typically as follows:- 



0000 = 


0 


0001 = 


•J 


0010 = 


2 


0011 = 


3 


0100 = 


4 


0101 = 


5 


0110 = 


6 


0111 = 


7 


1000 = 


8 


I00l = 


9 


ioio = 


10 


ion = 


ll 


llOO = 


12 


HOI = 


16 


mo = 


24 


mi = 


32 



It will be seen that the length parameter is not directly proportional to the actual 
length of the packet; the relationship is in part more quadratic rather than linear. This 
20 allows for a greater range of packet length. 

Pay Per View Chain Area 

Concerning the Pay Per View Chain area 3200, with reference to Figure 5 in more 
detail the Authorisation Server 3202 has as its client the Order Centralized Server 
3207, which requests information about each subscriber which connects to the 
25 Communications Servers 3022 to purchase a PPV product. 

If the subscriber is known from the AS 3202, a set of transactions takes plare. If the 
subscriber is authorized for the order, the AS creates a bill and sends it to the OCS. 
Otherwise, it signals to the OCS that the order is not authorized. 
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It is only at the end of this set of transactions that the AS updates the end users 
database 3204 via the database servers (DBAS) 3206, if at least one transaction was 
authorized; this optimizes the number of database accesses. 

The criteria according to which the AS authorizes purchase are stored in the database, 
5 accessed through DBAS processes. In one embodiment, the database is the same as 
the database accessed by the STM. 

Depending on consumer profile, the authorization may be denied 
(PPVJForbidden,Casino_Forbidden ...). These kind of criteria are updated by STM 
3104, on behalf of the SMS 3004. 

10 Other parameters are checked, such as limits allowed for purchase (either by credit 
card, automatic payment, or number of authorized token purchases per day). 

In case of payment with a credit card, the number of the card is checked against a 
local blacklist stored in the local blacklist database 3205. 

When all the verifications are successful, the AS> 

1 . Generates a bill and sends it to the OCS, which completes this bill and stores 
it in a file, this file being later sent to the SMS for processing (customer actual 
billing); and 

2. Updates the database, mainly to set new purchase limits. 
This check-and-generate-bill-if-OK mechanism applies for each command a subscriber 
may request during a single connection (it is possible to order e.g. 5 movies in a single 
session). 

It is to be noted that the AS has a reduced amount of information -concerning the 
subscriber, by comparison with that held by the SMS. For example, the AS does not 
hold the name or address of the subscriber. On the other hand, the AS does hold the 
25 smartcard number of the subscriber, the subscriber's consumer category (so that 
different offers can be made to different subscribers), and various flags which state 
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whether, for example, the subscriber may purchase on credit, or he is suspended or his 
smartcard has been stolen. Use of a reduced amount of information can help to reduce 
the amount of time taken to authorize a particular subscriber request. 

The main purpose of the DBASs 3206 is to increase database performance seen from 
5 the AS, by paralleling the accesses (so actually it does not make much sense to define 
a configuration with only one DBAS). An AS parameter determines how many 
DBASes should connect. A given DBAS may be connected to only one AS. 

The OCS 2307 mainly deals with PPV commands:. It operates in several modes. 

Firstly, it operates to process commands issued by the SMS, such as product 
10 refreshment (for instance, if the bill is already stored by the SMS, no bill is generated 
by the OCS), update of the wallet in the smartcard 3020, and session 
cancellation/update. 

The various steps in the procedure are:- 

1. Identifying the relevant subscriber (using the AS 3202); 
15 2. If valid, generate adequate commands to the Message Generator, in order to 
send an appropriate EMM. Commands may be: 
Product commands, 
Update of the wallet, 
Session erasure. 

20 Note that these operations do not imply creation of billing information, since billing 
is already known from the SMS. These operations are assimilated to "free products" 
purchase. 

Secondly, the OCS deals with commands received from the subscribers through the 
Communications Servers 3022. These may be received either via a modem connected 
25 to the receiver/decoder 2020, or by voice activation via the telephone 4001, or by key 
activation via a MINITEL, PRESTEL or like system where available. 
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Thirdly, the OCS deals with callback requests issued by the SMS. These last two 
modes of operation are now discussed in more detail. 

In the second type of mode described above it was stated that the OCS deals with 
commands received directly from the end user (subscriber) through the 
5 Communications Servers 3022. These include product orders (such as for a particular 
PPV event), a subscription modification requested by the subscriber, and a reset of a 
parental code (a parental code being a code by which parents may restrict the right of 
access to certain programmes or classes of programmes). 

The way in which these commands are dealt with is now described in more detail with 
10 reference to Figure 11. : ~ 

Product orders by a subscriber involve the following steps: 

1 . Identifying through the AS the caller who is making a call through the CS 
3022 ordering a particular product; 

2. Checking the caller's request validity, again using the AS (where the order is 
15 placed using the receiver/decoder 2020, this is achieved by verifying the 

smartcard 3020 details); 

3. Ascertain the price of the purchase; 

4. Check that the price does not exceed the caller's credit limit etc; 

5. Receiving a partial bill from the AS; 

20 6. Filling additional fields in the bill to form a completed bill; 

7. Adding the completed bill to a billing information storage file 3212 for later 
processing; and 

8. Sending corresponding command(s) to the PPV Message Generator 3210 to 
generate the relevant EMM(s). 

25 The EMM(s) is sent either on the modem line 4002 if the consumer placed the product 
order using the receiver/decoder 2020 (more details of this are described later), or else 
it is broadcast. The one exception to this is where there is some failure of the modem 
connection (in the case where the consumer places the order using the 
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receiver/decoder); in this event the EMM is broadcast over the air. 

A subscription modification requested by a subscriber involves: 

1 . Identifying the caller (using the AS); 

2. Sending information to the Command Interface; the CI in turn forwards this 
5 information to the SMS; and 

3. Via the CI, the OCS then receives an answer from the SMS (in terms of the 
cost of the modification, if the modification is possible). 

If modification was requested using the receiver/decoder, the OCS generates a 
confirmation to the SMS. Otherwise, for example in the case of phone or Minitel, the 
10 subscriber is prompted for confirmation and this answer sent to the SMS via the OCS 
and the CI. 

Reset of a parental code involves: 

1. Identifying the caller (using AS); and 

2. Sending a command to the MG to generate an appropriate EMM bearing an 
15 appropriate reset password. 

In the case of reset of parental code, the command to reset the code is for security 
reasons not permitted to originate from the receiver/decoder. Only the SMS, telephone 
and MINITEL or like can originate such a command. Hence in this particular case 
the EMM(s) are broadcast only on air, never on the telephone line. 

20 It will be understood from the above examples of different modes of operation of the 
OCS that the user can have direct access to the SAS, and in particular the OCS and 
AS, in that the Communications Servers are directly connected to the SAS, and in 
particular the OCS. This important feature .is concerned with reducing the time for 
the user to communicate his command to the SAS. 

25 This feature is illustrated further with reference to Figure 12, from which it can be 
seen that the end user's Set-Top-Box, and in particular its receiver/decoder 2020, has 
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the capability of communicating directly with the Communications Servers 3022 
associated with the SAS 3002. Instead of the connection from the end user to the 
Communications Servers 3022 of the SAS 3002 being through the SMS 3004 the 
connection is directly to the SAS 3002. 

5 In fact, as directly mentioned two direct connections are provided. 

The first direct connection is by a voice link via a telephone 4001 and appropriate 
telephone line (and/or by MINITEL or like connection where available) where the end 
users still have to input a series of voice commands or code numbers but time is saved 
compared with the communication being via the SMS 3004. 

1 0 The second direct connection is from the receiver/decoder 2020 and the input of data 
is achieved automatically by the end user inserting his own daughter smartcard 3020 
thus relieving the end user of the job of having to input the relevant data which in turn 
reduces the time taken and the likelihood of errors in making that input. 

A further important feature which arises out of the above discussion is concerned with 
15 reducing the time taken for the resulting EMM to be transmitted to the end user in 
order to initiate viewing by the end user of the selected product. 

In broad terms, and with reference to Figure 12, the feature is again achieved by 
providing the end user's receiver/decoder 2020 with the capability of communicating 
directly with the Communications Servers 3022 associated with the SAS 3002. 

20 As described earlier the integrated receiver/decoder 2020 is connected directly to the 
Communications Servers 3022 by the modemmed back channel 4002 so that 
commands from the decoder 2Q20 are processed by the SAS 3002, messages generated 
(including EMMs) and then sent back directly to the decoder 2020 through the back 
channel 4002. A protocol is used in the communication between the CS 3022 and the 

25 receiver/decoder 2020 (as described later), so that the CS receive acknowledgement 
of receipt of the relevant EMM, thereby adding certainty to the procedure. 
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Thus, for example, in the case of a pre-book mode the SAS 3002 receives messages 
from the end user via the smartcard and decoder 2020 via its modem and via the 
telephone line 4002, requesting access to a specific event/product, and returns a 
suitable EMM via the telephone line 4002* and modem to the decoder 2020, the 

5 modem and decoder being preferably located together ih a Set-Top-Box (STB). This 
is thus achieved without having to transmit the EMM in the MPEG-2 data stream 2002 
via the multiplexer and scrambler 2004, the uplink 2012, satellite 2014 and datalink 
2016 to enable the end user to view the event/product. This can save considerably on 
time and bandwidth. Virtual certainty is provided that as soon as the subscriber has 

10 paid for his purchase the EMM will arrive at the receiver/decoder 2020. 

In the third type of mode of operation of the OCS 3207 described above, the OCS 
deals with callback requests issued by the SAS. This is illustrated with reference to 
Figure 13. Typical callback requests have the purpose of ensuring that the 
receiver/decoder 2020 calls back the SAS via the modemmed back channel 4002 with 
15 the information that the SAS requires of the receiver /decoder. 

As instructed by the Command Interface 3102, the subscription chain Message 
Generator 3106 generates and sends to the receiver/decoder 202 a callback EMM. 
This EMM is ciphered by the Ciphering Unit 3008 for security reasons. The EMM 
may contain the time/date at which the receiver/decoder should wake up and perform 
20 a callback on its own, without being explicitly solicited; the EMM may also typically 
contain the phone numbers which the terminal must dial, the number of further 
attempts after unsuccessful calls and the delay between two calls. 

When receiving the EMM, or at the specified time-date, the receiver/decoder connects 
to the Communications Servers 3022. The OCS 3207 first identifies the caller, using 
25 the AS 3202, and verifies certain details, such as smartcard operator and subscriber 
details. The OCS then asks the smartcard 3020 to send various ciphered information 
(such as the relevant session numbers, when the session was watched, how many times 
the subscriber is allowed to view the session again, the way in which the session was 
viewed, the number of remaining tokens, the number of prebooked sessions, etc). This 
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information is deciphered by the PPV chain Message Generator 3210, again using the 
Ciphering Unit 3008. The OCS adds this information to a callback information 
storage file 3214 for later processing and passing to the SMS 3004. The information 
is ciphered for security reasons. The whole procedure is repeated until there is 
5^ nothing more to be read from the smartcard. 

One particular preferred feature of the callback facility is that before reading the 
smartcard (so just after the identification of the caller using the AS 3202 as described 
above) a check is made by the SAS 3002 that the receiver/decoder is indeed a genuine 
one rather than a pirated version or computer simulation. Such a check is carried out 
10 in the following manner. The SAS generates a random number, which is received by 
the receiver/decoder, ciphered, and then returned to the SAS. The SAS deciphers this 
number. If the deciphering is successful and the original random number is retrieved, 
it is concluded that the receiver/decoder is genuine, and the procedure continues. 
Otherwise, the procedure is discontinued. 

1 5 Other functions which may occur during the callback are erasure of obsolete sessions 
on the smartcard, or filling of the wallet (this latter also being described later under 
the section entitled "Smartcard"). 



Also as regards the Pay Per View Chain area 3200, description is now made of the 
Communications Servers 3022. At the hardware level, these comprise in the preferred 
20 embodiment a DEC Four parallel processor machine. At the software architecture 
level, with reference to Figure 14, in many respects the Communications Servers are 
conventional. One particular divergence from conventional designs arises from the 
fact that the Servers must serve both receiver/decoders 2020 and voice communication 
with conventional telephones 4001, as well possibly as MINITEL or like systems. 

25 It will be noted in passing that two Order Centralized Servers 3207 are shown in 
Figure 14 (as "OCSP and "OCS2"). Naturally any desired number may be provided. 

The Communication Servers include two main servers ("CS1" and "CS2") as well as 
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a number of frontal servers ("Frontal 1" and "Frontal 2"); whilst two frontal servers 
are shown in the figure, typically 10 or 12 may be provided per main server. Indeed, 
although two main servers CS1 and CS2 and two frontal servers, Frontal 1 and Frontal 
2, have been shown, any number could be used. Some redundancy is usually 
5 desirable. 

CS1 and CS2 are coupled to OCS1 and OCS2 via high level TCP/IP links 3230, 
whilst CS1 and CS2 are coupled to Frontal 1 and Frontal 2 via further TCP/IP links 
3232. 

As illustrated, CS1 and CS2 comprise servers for "SENDR" (transmission), "RECVR" 
10 (reception), "VTX" (MINITEL, PRESTEL or the like), "VOX" (voice 
communication), and "TRM" (communication with the receiver/decoder). These are 
coupled to the "BUS" for communication of signals to the Frontal servers. 

CS1 and CS2 communicate directly with the receiver/decoders 2020 via their 
modemmed back channels 4002 using the X25 public network common protocol. The 

15 relatively low-level protocol between the Communications Servers 3022 and the 
receiver/decoders 3020 is in one preferred embodiment based upon the V42 standard 
international CCITT protocol, which provides reliability by having error detection and 
data re-transmission facilities, and uses a checksum routine to check the integrity of 
the re-transmission. An escape mechanism is also provided in order to prevent the 

20 transmission of disallowed characters. 

On the other hand, voice telephone communication is carried out via the Frontal 
Communications Servers, each capable of picking up, say, 30 simultaneous voice 
connections from the connection 3234 to the local telephone network via the high 
speed "T2" (El) standard telephony ISDN lines. 

25 Three particular functions of the software portion of the Communications Servers 
(which could of course alternatively be implemented fully in hardware) are firstly to 
convert the relatively low level protocol information received from the 
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receiver/decoder into the relatively high level protocol information output to the OCS, 
secondly to attenuate or control the number of simultaneous connections being made, 
and thirdly to provide several simultaneous channels without any mixing. In this last 
regard, the Communications Servers play the role of a form of multiplexer, with the 
5 interactions in a particular channel being defined by a^given Session ID (identifier), 
which is in fact used throughout the communication chain. 

Finally as regards the Pay Per View Chain area 3200, and with reference again to 
Figure 5, the Server for Programme Broadcast (SPB) 3208 is coupled to one or more 
Programme Broadcasters 3250 (which would typically be located remotely from the 
0 SAS) to receive programme information. The SPB filters out for further use 
information corresponding to PPV events (sessions). 

A particularly important feature is that the filtered programme event information is 
passed by the SPB to the MG which in turn sends a directive (control command) to 
the ME to change the rate of cyclic emission of the EMMs in given circumstances; 
5 this is done by the ME finding all EMMs with the relevant session identifier and 
changing the cycle rate allocated to such EMMs. This feature might be thought of as 
a dynamic allocation of bandwidth for specific EMMs. Cyclic EMM emission is 
discussed in more detail in the section below concerned with the EMM Injector. 

The circumstances in which the cycle rate is changed are now described with reference 
0 to Figure 15, which demonstrates how cycle rate 3252 is raised a short while (say 10 
minutes) before a particular PPV programme event until the end of the event from a 
slow cycle rate of say once every 30 minutes to a fast cycle rate of say once every 30 
seconds to 1 minute in order to meet the anticipated extra user demand for PPV events 
at those times. In this way bandwidth can be allocated dynamically according to the 
5 anticipated user demand. This can assist in reducing the overall bandwidth 
requirement. 

The cycle rate of other EMMs may also be varied. For example the cycle rate of 
subscription EMMs may be varied by the Multiplexer and Scrambler 2004 sending the 
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appropriate bitrate directive. 
EMM Injector 

Concerning the EMM Injector 3300, details, of the Message Emitters 3302 to 3308, 
forming part of the EMM Injector and acting as output means for the Message 

5 Generator, are now described with reference to Figure 16. Their function is take the 
EMMs and to pass them cyclically (in the manner of a carousel) via respective links 
3314 and 3316 to the Software Multiplexers 3310 and 3312 and thence to the 
hardware multiplexers and scramblers 2004. In return the software multiplexers and 
scramblers 2004 generate a global bitrate directive to control the overall cycling rate 

10 of the EMMs; to do so, the MEs take into account various parameters such as the 
cycle time, the size of EMM, and so on. In the figure, EMM_X and EMM _Y are 
group EMMs for operators X and Y, whilst EMM_Z are other EMMs for either 
operator X or operator Y. 

Further description proceeds for an exemplary one of the Message Emitters; it will be 
15 appreciated that the remaining MEs operate in similar' fashion. The ME operates 
under control of directives from the MG, most notably transmission start and stop time 
and emission rate, as well as session number if the EMM is a PPV EMM. In relation 
to the emission rate, in the preferred embodiment the relevant directive may take one 
of five values from Very fast to Very slow. The numeric values are not specified in 
20 the directive, but rather the ME maps the directive to an actual numeric value which 
is supplied by the relevant part of the SAS. In the preferred embodiment, the 5 
emission rates are as follows:- 

1. Very fast - every 30 seconds, 

2. Fast - every minute 

25 3. Medium - every 15 minutes 

4. Slow - every 30 minutes 

5. Very slow - every 30 minutes 

The ME has first and second databases 3320 and 3322. The first database is for those 
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EMMs which have not yet achieved their broadcast date; these are stored in a series 
of chronological files in the database. The second database is for EMMs for 
immediate broadcast. In the event of a system crash, the ME is arranged to have the 
ability to re-read the relevant stored file and* perform correct broadcast. All the files 
5 stored in the databases are updated upon request from the MG, when the MG wishes 
to maintain consistency between incoming directives and EMMs already sent to the 
ME. The EMMs actually being broadcast are also stored in Random Access Memory 
3324. 

A combination of the FIFOs 3162 and 3164 in ' the Message Generator and the 
10 databases 3320 and 3322 in the Message Emitter means that the two can operate in 
standalone mode if the link 3 166 between them is temporarily broken; the ME can still 
broadcast EMMs. 

The Software Multiplexers (SMUX) 3310 and 3312 provide an interface between the 
MEs and the hardware multiplexers 2004. In the preferred embodiment, they each 

1 5 receive EMMs from two of the MEs, although in general there is no restriction on the 
number of MEs that can be connected with one SMUX. The SMUXs concentrate the 
EMMs and then pass them according to the type of EMM to the appropriate hardware 
multiplexer. This is necessary because the hardware multiplexers take the different 
types of EMMs and place them at different places in the MPEG-2 stream. The 

20 SMUX's also forward global bitrate directives from the hardware multiplexers to the 
MEs. 

One particularly important feature of the ME is that it emits EMMs in random order. 
The reason for this is as follows. The Message Emitter has no ability to sense or 
control what it emits to the multiplexer. Hence it is possible that it may transmit two 
25 EMMs which are to be received and decoded by the receiver/decoder 2020 back to 
back. In such circumstances, further, it is possible that if the EMMs are insufficiently 
separated the receiver/decoder and smartcard will be unable to sense and decode 
properly the second of the EMMs. Cyclically emitting the EMMs in random order can 
solve this problem. 
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The manner in which randomization is achieved is now described with reference to 
Figure 17; in the preferred embodiment the necessary software logic is implemented 
in the ADA computer language. A particularly important part of the randomization 
is the correct storage of the EMMs in the databases 3320 and 3322 (which are used 
5 for backup purposes) and in the RAM 3324. For a particular cycle rate and operator, 
the EMMs are stored in a two-dimensional array, by rank 3330 (going say from A to 
Z) and number in the rank 3332 (going from 0 to N). A third dimension is added by 
cycle rate 3334, so that there are as many two-dimensional arrays as there are cycle 
rates. In the preferred embodiment there are 256 ranks and typically 200 or 300 
10 EMMs in each rank; there are 5 cycle rates. A final dimension to the array is added 
by the presence of different operators; there "are as many three-dimensional arrays as 
there are operators. Storage of the data in this fashion can permit rapid retrieval in 
the event that the MG wants to delete a particular EMM. 

Storage of the EMMs takes place according to the "hash" algorithm (otherwise known 
15 as the "one-way hash function". This operates on a modulo approach, so that 
successive ranks are filled before a higher number in the rank is used, and the number 
of EMMs in each rank remains roughly constant. The example is considered of there 
being 256 ranks. When the MG sends the ME an EMM with identifer (ID) 1, the rank 
"1 » is assigned to this EMM, and it takes the first number 3332 in the rank 3330. The 
20 EMM with ID 2 is assigned the rank "2", and so on, up to the rank 256. The EMM 
with ID 257 is assigned the rank "1" again (based on the modulo function), and takes 
the second number in the first rank, and so on. 

Retrieval of a specific EMM, for example when deletion of a specific EMM is 
requested by the MG, is effected by means of the inverse of the above. The hash 
25 algorithm is applied to the EMM ID to obtain the rank, after which the number in the 
rank is found. 

The actual randomization occurs when the EMMs are, on a cyclical basis, retrieved 
from RAM 3324 using the randomization means 3340 which is implemented in the 
hardware and/or software of the Message Emitter. The retrieval is random, and again 
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based on the hash algorithm. Firstly, a random number (in the above example initially 
in the range 1 to 256) is chosen, to yield the particular rank of interest. Secondly, a 
further random number is chosen to yield the particular number in the rank. The 
further random number is selected according- to the total number of EMMs in a given 
rank. Once a given EMM has been selected and broadcast, it is moved to a second 
identical storage area in the RAM 3324, again using the hash function. Hence the first 
area diminishes in size as the EMMs are broadcast, to the extent that, once a complete 
rank has been used, this is deleted. Once the first storage area is completely empty, 
it is replaced by the second storage area before a new round of EMM broadcast, and 
vice versa. 

In the above fashion, after two or three cycles of the EMMs, statistically the chances 
of any two EMMs destined for the same end user being transmitted back to back is 
negligible. 

At regular intervals whilst the EMMs are being stored the computer 3050 computes 
the number of bytes in storage and from this Computes the bitrate of emission given 
the global bitrate directive from the multiplexer and software multiplexer. 

Reference was made above to the backup databases 3320 and 3322. These are in fact 
in the preferred embodiment sequential file stores, which hold a backup version of 
what is in the RAM 3324. In the event of failure of the Message Emitter and 
subsequent restart, or more generally when the ME is being restarted for whatever 
reason, a link is made between the RAM and the databases, over which the stored 
EMMs are uploaded to RAM. In this way, the risk of losing EMMs in the event of 
failure can be removed. 

Similar storage of PPV EMMs occurs to that described above in relation to 
subscription EMMs, with the rank typically corresponding to a given operator and the 
number in the rank corresponding to the session number. 



Smartcard 
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A daughter, or "subscriber", smartcard 3020 is schematically shown in Figure 18 and 
comprises an 8 bit microprocessor 110, such as a Motorola 6805 microprocessor, 
having an input/output bus coupled to a standard array of contacts 120 which in use 
are connected to a corresponding array of contacts in the card reader of the 
5 receiver/decoder 2020, the card reader being of conventional design. The 
microprocessor 1 10 is also provided with bus connections to preferably masked ROM 
130, RAM 140 and EEPROM 150. The smartcard complies with the ISO 7816-1, 
7816-2 and 7816-3 standard protocols which determine certain physical parameters of 
the smartcard, the positions of the contacts on the chip and certain communications 
10 between the external system (and particularly the- receiver/decoder 2020) and the 
smartcard respectively and which will therefore not be further described here. One 
function of the microprocessor 1 1 0 is to manage the memory in the smartcard, as now- 
described. 

The EEPROM 150 contains certain dynamically-created operator zones 154, 153, 156 
15 and dynamically-created data zones which will now be described with reference to 
Figure 19. 

Referring to Figure 19, EEPROM 150 comprises a permanent "card ID" (or 
manufacturer) zone 151 of 8 bytes which contains a permanent subscriber smartcard 
identifier set by the manufacturer of the smartcard 3020. 

20 When the smartcard is reset, the microprocessor 1 1 0 issues a signal to receiver/decoder 
2020, the signal comprising an identifier of the conditional access system used by the 
smartcard and data generated from data stored in the smartcard, including the card ID. 
This signal is stored by the receiver/decoder 2020, which subsequently utilises the 
. stored signal to check whether the smartcard is compatible with the conditional access 

25 system used by the receiver/decoder 2020. 

The EEPROM 150 also contains a permanent "random number generator" zone 152 
which contains a program for generating pseudo-random numbers. Such random 
numbers are used for diversifying transaction output signals generated by the smartcard 



WO 98/43430 ^ PCT/EP97/02106 

- 40 - 

3020 and sent back to the broadcaster. 

Below the random number generator zone 152 a permanent "management" zone 153 
of 144 bytes is provided. The permanent management zone 153 is a specific operator 
zone utilised by a program in the ROM 130 in the dynamic creation (and removal) of 
zones 154, 155, 156... as described below. The permanent management zone 153 
contains data relating to the rights of the smartcard to create or remove zones. 

The program for dynamically creating and removing zones is responsive to specific 
zone creation (or removal) EMMs which are transmitted by the SAS 3002 and 
received by the receiver/decoder 2020 and passed to the subscriber smartcard 3020. 
In order to create the EMMs the operator requires specific keys dedicated to the 
management zone. This prevents one operator from deleting zones relating to another 
operator. 

Below the management zone 153 is a series of "operator ID" zones 154, 155, 156 for 

operators 1,2 N respectively. Normally at least one operator ID zone will be 

preloaded into the EEPROM of the subscriber smartcard 3020 so that the end user can 
decrypt programmes broadcast by that operator. However further operator ID zones 
can subsequently be dynamically created using the management zone 153 in response 
to a transaction output signal generated via his smartcard 3020 by the end user 
(subscriber), as will subsequently be described. 

Each operator zone 154, 155, 156 contains the identifier of the group to which the 
smartcard 3020 belongs, and the position of the smartcard within the group. This data 
enables the smartcard (along with the other smartcards in its group) to be responsive 
to a broadcast "group" subscription EMM having that group's address (but not the 
smartcard's position in the group) as well as to an "individual" (or commercial offers 
subscription) EMM addressed only to that smartcard within the group. There can be 
256 member smartcards of each such group and this feature therefore reduces 
significantly the bandwidth required for broadcasting EMMs. 
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In order to reduce further the bandwidth required for broadcasting "group" subscription 
EMMs, the group data in each operator zone 154, 155, 156 and all similar zones in 
the EEPROM of smartcard 3020 and the other daughter smartcards is continually 
updated to enable a particular smartcard to change its position in each group to fill any 
5 holes created by e.g. deletion of a member of the group. The holes are filled by the 
SAS 3002 as in the STM server 3104 there is a list of such holes. 

In this manner fragmentation is reduced and each group's membership is maintained 
at or near the maximum of 256 members. 

Each operator zone 154, 155, 156 is associated with one or more "operator' data 
10 objects" stored in the EEPROM 150. As shown in Figure 19, a series of dynamically 
created "operator data" objects 157-165 are located below the operator ID zones. Each 
of these objects is labelled with: 

a) an "identifier" 1, 2, 3 .... N corresponding to its associated operator 1, 2, 3 ... 
N as shown in its left hand section in Figure 19; 

15 b) an "ID" indicating the type of object; and 

c) a "data" zone reserved for data, as shown in the right hand section of each 
relevant operator object in Figure 19. It should be understood that each operator is 
associated with a similar set of data objects so that the following description of the 
types of data in the data objects of operator 1 is also applicable to the data objects of 

20 all the other operators. Also it will be noted that the data objects are located in 
contiguous physical regions of the EEPROM and that their order is immaterial. 

Deletion of a data object creates a "hole" 166 in the smartcard, that is, the number of 
bytes that the deleted objects had previously occupied are not immediately occupied. 
. The thus "freed" number of bytes, or "hole" are labelled with: 
25 a) an "identifier" 0; and 

b) an "ID" indicating that the bytes are free to receive an object. 

The next data object created fills the hole, as identified by the identifier 0. In this 
manner the limited memory capacity (4 kilobytes) of the EEPROM 150 is efficiently 
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Turning now to the set of data objects associated with each operator, examples of the 
data objects are now described. 

Data object 1 57 contains an EMM key used for decrypting encrypted EMM's received 
5 by the receiver/decoder 2020. This EMM key is permanently stored in the data object 
157. This data object 157 may be created prior to distribution of the smartcard 3020, 
and/or may be created dynamically when creating a new operator zone (as described 
above). 

Data object 159 contains ECM keys which are sent by the associated 'operator (in this 
10 case operator 1) to enable the end user to decrypt the particular "bouquet" of programs 
to which he has subscribed. New ECM keys are sent typically every month, along 
with a group subscription (renewal) EMM which renews the end user's overall right, 
to view the broadcast from (in this case) operator 1 . The use of separate EMM and 
ECM keys enables viewing rights to be purchased in different ways (in this 
15 embodiment by subscription and individually (Pay Per View)) and also increases 
security. The Pay Per View (PPV) mode will be described subsequently. 

Since new ECM keys are sent periodically, it is essential to prevent a user from using 
old ECM keys, for example by switching off the receiver/decoder or re-setting a clock 
to prevent expiry of an old ECM key so that a timer in the receiver/decoder 2020 

20 could be overridden. Accordingly operator zone 154 comprises an area (typically 
having a size of 2 bytes) containing an obsolescence date of the ECM keys. The 
smartcard 3020 is arranged to compare this date with the current date which is 
contained in received ECMs and to prevent decryption if the current date is later than 
the obsolescence date. The obsolescence date is transmitted via EMMs, as described 

25 above. 

Data object 161 contains a 64 bit subscription bitmap which is an exact representation 
of the broadcast operator's programs to which the subscriber has subscribed. Every bit 
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represents a program and is set to "1" if it is subscribed to and "0" if it is not. 

Data object 163 contains a quantity of tokens which can be used by the consumer in 
PPV mode to buy*viewing rights to an imminent broadcast e.g. in response to a free 
preview or other advertisement. Data object 163 also contains a limit value, which 
5 may be set to e.g. a negative value to allow credit to the consumer. Tokens can be 
purchased e.g. by credit and via the modemmed back channel 4002, or by using a 
voice server in combination with a credit card, for example. A particular event can 
be charged as one token or a number of tokens. 

Data object 165 contains a description of a PPV event, as shown with reference to 
10 table 167 of Figure 20. 

The PPV event description 167 contains a "session ID" 168 identifying the viewing 
session (corresponding to the program and the time and date of broadcasting) a 
"session mode" 169 indicating how the viewing right is being purchased (e.g. in pre- 
book mode), a "session index" 170 and a "session view" 171. 

15 In respect of receiving a programme in PPV mode, the receiver decoder 2020 
determines whether the programme is one sold in PPV mode. If so, the decoder 2020 
checks, using the items stored in the PPV event description 167 whether the session 
ID for the programme is stored therein. If the session ID is stored therein, the control 
word is extracted from the ECM. 

20 If the session ID is not stored therein, by means of a specific application the 
receiver/decoder 2020 displays a message to the end user indicating that he has the 
. right to view the session at a cost of, say, 25 tokens, as read from the ECM or to 
connect to the communications servers 3022 to purchase the event. Using the tokens, 
if the end user answers "yes" (by means of remote controller 2026 (see Figure 2)) the 

25 decoder 2020 sends the ECM to the smartcard, the smartcard decreases the wallet of 
the smartcard 3020 by 25 tokens, writes the session ID 168, the session mode 169, the 
session index 170 and the session view 171 in the PPV event description 167 and 



WO 98/43430 



PCT/EP97/02106 



- 44 - 

extracts and deciphers the control word from the ECM. 

In the M pre-book" mode, an EMM will be passed to the smartcard 3020 so that the 
smartcard will write the session ID 168, the Session mode 169, the session index 170 
and the session view 171 in the PPV event description* 1 67 using the EMM. 

The session index 170 can be set to differentiate one broadcast from the other. This 
feature permits authorization to be given for a subset of broadcasts, for example, 3 
times out of 5 broadcasts. As soon as an ECM with a session index different from the 
current session index 170 stored in the PPV event description 167 is passed to the 
smartcard, the number of the session view 171 is decreased by one. When the session 
view reaches zero, the smartcard will refuse to decipher an ECM with a different 
session index to the current session index. 

The initial value of the session view depends only on the way in which the broadcast 
supplier wishes to define the event to which it relates; the session view for a respective 
event may take any value. 

The microprocessor 1 1 0 in the smartcard implements a counting and a comparison 
program to detect when the limit to the number of viewings of a particular program 
has been reached. 

All of the session ID 168, the session mode 169, the session index 170 and the session 
view 171 in the PPV event description 167 may be extracted from the smartcard using 
the "call-back" procedure as described previously. 

Each receiver/decoder 2020 contains an identifier which may either identify uniquely 
that receiver/decoder or identify its manufacturer or may classify it in some other way 
in order to enable it to work only with a particular individual smartcard, a particular 
class of smartcards made by the same or a corresponding manufacturer or any other 
class of smartcards which are intended for use with that class of receiver/decoders 
exclusively. 



PCT/EP97/02106 
WO 98/43430 

- 45 - 

In this manner the receiver/decoders 2020 which have been supplied by one broadcast 
supplier to the consumer are protected against the use of non-authorised daughter 
smartcards 3020. 

Additionally or alternatively to this first "handshake" between the smartcard and the 
5 receiver, the EEPROM of the smartcard 3020 could contain a field or bitmap 
describing the categories of receiver/decoders 2020 with which it can function. These 
could be specified either during the manufacture of the smartcard 3020 or by a specific 
EMM. 

The bitmap stored in the smartcard 3020 typically comprises a list of up to 80 
1 0 receiver/decoders, each identified with a corresponding receiver/decoder ID with which 
the smartcard may be used. Associated with each receiver/decoder is a level "1" or 
"0" indicating whether the smartcard may be used with the receiver/decoder or not, 
respectively. A program in the memory 2024 of the receiver/decoder searches for the 
identifier of the receiver/decoder in the bitmap stored in the smartcard. If the 
15 identifier is found, and the value associated with the identifier is "1", then the 
smartcard is "enabled"; if not, then the smartcard will not function with that 
receiver/decoder. 

In addition, if, typically because of an agreement between operators, it is desired to 
authorize the use of other smartcards in a particular receiver/decoder, specific EMMs 
20 will be sent to those smartcards to change their bitmap via the transponder 2014. 

Each broadcast supplier may differentiate his subscribers according to certain 
predetermined criteria. For example, a number of subscribers may be classed as 
"VIPs". Accordingly, each broadcast supplier may divide his subscribers into a 
plurality of subsets, each subset comprising any number of subscribers. 

25 The subset to which a particular subscriber belongs is set in the SMS 3004. In turn, 
the SAS 3002 transmits an EMM to the subscriber which writes information (typically 
of length 1 byte) concerning the subset to which the subscriber belongs into the 
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relevant operator data zone, say 154, of the EEPROM of the smartcard. In turn, as 
events are broadcast by the broadcast supplier, an ECM, typically of 256 bits, is 
transmitted with the event and indicating which of the subsets of subscribers may view 
the event. If, according to the information stored in the operator zone, the subscriber 
5 does not have the right to view the event, as determined by the ECM, programme 
viewing is denied. 

This facility may be used, for example, to switch off all of a given operator's 
smartcards in a particular geographical region during the transmission of a particular 
program, in particular a program relating to a sports fixture taking place in that 
10 geographical region. In this manner football clubs and other sport bodies can sell 
broadcasting rights outside their locality whilst preventing local supporters from 
viewing the fixture on television. In this manner the local supporters are encouraged 
to buy tickets and attend the fixture. 

Each of the features associated with zones 151 to 172 is considered to be a separate 
15 invention independent of the dynamic creation of zones. 

It will be understood that the present invention has been described above purely by 
way of example, and modifications of detail can be made within the scope of the 
invention. 

Each feature disclosed in the description, and (where appropriate) the claims and 
20 drawings may be provided independently or in any appropriate combination. 

In the aforementioned preferred embodiments, certain features of the present invention 
have been implemented using computer software. However, it will of course be clear 
to the skilled man that any of these features may be implemented using hardware. 
Furthermore, it will be readily understood that the functions performed by the 
25 hardware, the computer software, and such like are performed on or using electrical 
and like signals. 
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Cross reference is made to our co-pending applications, all bearing the same filing 
date, and entitled Signal Generation and Broadcasting (Attorney Reference no. 
PC/ASB/19707), Smartcard for use with a Receiver of Encrypted Broadcast Signals, 
and Receiver (Attorney Reference No. PC/ASB/ 19708), Broadcast and Reception 
5 System and Conditional Access System therefor (Attorney Reference No. 
PC/ASB/19710), Downloading a Computer File from a Transmitter via a 
Receiver/Decoder to a Computer (Attorney Reference No. PC/ASB/1971 1), 
Transmission and Reception of Television Programmes and Other Data (Attorney 
Reference No. PC/ASB/1971 2), Downloading Data (Attorney Reference No. 
10 PC/ASB/19713), Computer Memory Organisation (Attorney Reference No. 
PC/ASB/19714), Television or Radio Control System Development (Attorney 
Reference No. PC/ASB/1971 5), Extracting Data Sections from a Transmitted Data 
Stream (Attorney Reference No. PC/ASB/ 197 16), Access Control System (Attorney 
Reference No. PC/ASB/1971 7), Data Processing System (Attorney Reference No. 
15 PC/ASB/19718), and Broadcast and Reception System, and Receiver/Decoder and 
Remote Controller therefor (Attorney Reference No. PC/ASB/19720). The disclosures 
of these documents are incorporated herein by reference. The list of applications 
includes the present application. 
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CLAIMS 

1 . Apparatus for repetitively generating a set of messages, comprising: 
means for generating a plurality of messages; 

means for repetitively randomizing „the sequence of the messages to form a 
plurality of sets of such messages, so that the messages of each set are in random 
sequence; and 

means for outputting the plurality of sets of messages. 

2. Apparatus according to Claim 1, wherein- the message generating means 
includes means for storing the generated messages. 

3. Apparatus according to Claim 2, wherein the randomizing means is arranged 
to form each said set of messages by retrieving the messages in random sequence from 
the storage means. 

4. Apparatus according to Claim 2 or 3, wherein the storage means is arranged 
to store the messages in an at least two-dimensional array. 

5. Apparatus according to any of the preceding claims, further comprising means 
coupled to the output means for varying the rate at which the plurality of sets of 
messages is output. 

6. Apparatus according to any of Claims 2 to 4, further comprising means coupled 
to the storage means for evaluating the size of the messages stored in the storage 
means, and means coupled to the output means for varying the rate at which the 
plurality of sets of messages is output, in dependence upon the said size of the 
messages. 

7. Apparatus according to any of the preceding claims, wherein the generating 
means and randomizing means are coupled via a First In First Out device. 
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8. Apparatus according to any of the preceding claims, wherein the output means 
includes means for storing at least one of the sets of messages. 

9 Apparatus according to any of the preceding claims, wherein a plurality of 
output means are provided, and further comprising a -multiplexer for receiving the 
5 plurality of sets of messages output by said plurality of output means. 

10. An access control system for a broadcast and reception system, said access 
control system including, at the broadcast end, apparatus according to any of the 
preceding claims, and, at the reception end, a device for receiving said messages. 

11. An access control system according to Claim 1 0, wherein said message is an 
10 entitlement message for broadcast to the receiving device. 

12. A broadcast and reception system including an access control system according 
to Claim 11. 

13. A method of repetitively generating a set of messages, comprising: 
generating a plurality of messages; 

! 5 repetitively randomizing the sequence of the messages to form a plurality of 

sets of such messages, so that the messages of each set are in random sequence; and 
outputting the plurality of sets of messages. 

14. A method according to Claim 13, including the step of storing messages, 
generated in the generating step, and wherein in the randomizing step each said set of 

20 messages is formed by retrieving the messages in random sequence. - 

15. A method of controlling access of a user to a broadcast and reception system, 
including, at the broadcast end, a method of repetitively generating a set of messages 
according to Claim 13 or 14, and, at the reception end, the step of receiving said 
messages. 
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16. A method according to Claim 15, wherein the message is an entitlement 
message for reception by the receiving step. 

17. Apparatus substantially as herein described with reference to and as illustrated 
in the accompanying drawings, and especially Figure 16 and 17 thereof. 

5 18. Apparatus according to any of Claims 1 to 9, wherein the output means is 
arranged to output the plurality of sets of messages as a digital signal including a 
packet of digital data and an identifier for the packet, the identifier being less than two 
bytes in length. 

1 9. Apparatus for generating a digital signal comprising a packet of digital data and 
an identifier for the packet, comprising: 

means for generating the packet of data; and 
means for generating the identifier; 
wherein: 

the identifier generating means is arranged to generate an identifier which is 
less than two bytes in length. 

20. Apparatus according to Claim 18 or 19, wherein the identifier comprises an 
identity parameter and a length parameter. 

21. Apparatus according to Claim 20, wherein the identity and length parameters 
are each 4 bits in length. 

22. Apparatus according to Claim 20 or 21, wherein the digital value of the length 
parameter is not directly proportional to the actual length of the packet. 

23. Apparatus according to any of Claims 20 to 22, further comprising means for 
storing a look-up table giving the correspondence between the digital value of the 
length parameter and the actual length of the packet. 
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24. A broadcast and reception system including, at the broadcast end, apparatus 
according to any of Claims 18 to 23, and, at the reception end, a device for receiving 
said signal. 

25. A method according to any of Claims 13 to-16, wherein the plurality of 
5 messages are output as a digital signal comprising a packet of digital data and an 

identifier for the packet, the identifier being less than two bytes in length. 

26. A method of generating a digital signal comprising a packet of digital data and 
an identifier for the packet, comprising: 

generating the packet of data; and 
!0 generating the identifier; 

wherein: 

the identifier is less than two bytes in length. 

i 

27. A method according to Claim 25 or 26, wherein the identifier comprises an 
identity parameter and a length parameter. 

15 28. A method according to Claim 27, wherein the digital value of the length 
parameter is not directly proportional to the actual length of the packet. 

29. A digital signal, comprising: 
a packet of digital data; and 
an identifier for the packet; 

20 wherein: 

the identifier is less than two bytes in length. 

30. A signal according to Claim 29, wherein the identifier comprises an identity 
parameter and a length parameter. 



25 



31. A signal according to Claim 30, wherein the identity and length parameters 
each 4 bits in length. 



WO 98/43430 ^ ^ PCT/EP97/02106 

- 52 - 

32. A signal according to Claim 30 or 31, wherein the digital value of the length 
parameter is not directly proportional to the actual length of the packet. 

33. Apparatus substantially as herein described with reference to and as illustrated 
in the accompanying drawings, and especially Figure 10 thereof. 

5 34. A broadcast and reception system according to Claim 12, further comprising 
means for broadcasting data, and means for producing a control command 
representative of a characteristic of the data, and wherein the output means includes 
means for repetitively broadcasting the plurality of sets of messages, at a variable 
repetition rate, and for varying the repetition rate in response to the control command. 

10 35. A broadcast system, comprising: 
means for broadcasting data; 

means for producing a control command representative of a characteristic of 
the data; and 

means for repetitively broadcasting a message, at a variable repetition rate; said 
1 5 message broadcasting means being arranged to vary the repetition rate in response to 
the control command. 

36. A system according to Claim 34 or 35, wherein the data are signals 
representative of programme events, and the means for producing the control 
command is arranged to produce the command to be representative of the time of 

20 broadcast of a particular programme event. 

37. A system according to Claim 36, wherein said message broadcasting means is 
arranged to vary the repetition rate near the time of broadcast of the event. 

38. A system according to Claim 36 or 37, wherein said message broadcasting 
means is arranged to increase the repetition rate before the time of broadcast of the 

25 event. 
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39. A system according to Claim 36, 37 or 38, wherein said message broadcasting 
means is arranged to increase the repetition rate during the time of broadcast of the 
event. 

40. A broadcast and reception system including, at the broadcast end, a system 
5 according to any of Claims 35 to 39, and, at the reception end, a device for receiving 

the broadcast data and messages. 

41. A method of broadcasting, comprising: 
broadcasting data; 

producing a control command representative of a characteristic of the data; and 
1 o repetitively broadcasting a message, at a variable repetition rate which is varied 

in response to the control command. 

42. A method according to Claim 41, wherein the data are signals representative 
of programme events, and the control message is representative of the time of 
broadcast of a particular programme event. 

15 43 . A method according to Claim 42, wherein the repetition rate is varied near the 
time of broadcast of the event. 

44. A method according to Claim 42 or 43, wherein the repetition rate is increased 
before the time of broadcast of the event. 

45. A method according to Claim 42, 43 or 44, wherein the repetition rate is 
20 increased during the time of broadcast of the event. 

46. A broadcast system substantially as herein described with reference to and as 
illustrated in the accompanying drawings, and especially Figures 5 and 15 thereof. 



47. A conditional access system for affording conditional access to subscribers, 
comprising: 
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a subscriber management system; and 

a subscriber authorization system coupled to the subscriber management 
system, said authorization system comprising means for generating subscriber renewal 
commands and means for authorizing renewal of the subscribers in dependence on 
such commands. 

48. A conditional access system for affording conditional access to subscribers, 
comprising: 

a subscriber management system for managing the subscribers, including a 
database with subscriber information and means for generating a stop command that 
a particular subscription is to be stopped; and 

a subscriber authorization system, for authorizing the subscribers, coupled to 
the subscriber management system, and arranged to receive the stop command; the 
subscriber authorization system comprising means for generating a subscriber renewal 
command for each subscriber in dependence on the stop command for that subscriber 
and means for authorizing renewal of the subscribers in dependence on the subscriber 
renewal commands. 

49. A conditional access system according to Claim 48 wherein the subscriber 
management system includes means for generating a start command that a particular 
subscription is to be started, and the subscriber renewal command generating means 
of the subscriber authorization system is arranged to generate each subscriber renewal 
command in further dependence on the start command. 

50. A conditional access system according to Claim 47, 48 or 49, wherein the 
subscriber authorization system includes a database with subscriber information. 

51. A conditional access system according to Claim 48 or 49, wherein the 
subscriber authorization system includes a database with subscriber information and 
means for updating the information in that database in dependence on the information 
in the subscriber management system database. 
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52. A conditional access system according to any of Claims 47 to 51, wherein a 
First In First Out Device is provided between the subscriber renewal command 
generating means and the renewal authorizing means. 

53. A conditional access system according to any of Claims 47 to 52, wherein the 
> renewal authorizing means includes output means for outputting authorization 

entitlement messages to the subscribers. 

54. A conditional access system according to any of Claims 47 to 53, wherein the 
subscriber authorization system is capable of providing special rights for new 
subscribers. 



10 



15 



55. A conditional access system, being for a broadcast and reception system, said 
system comprising, at the broadcast end, a system according to any of Claims 47 to 
54, and further comprising, at the reception end, a device for receiving said messages. 

56. A broadcast and reception system including a conditional access system 
according to any of Claims 47 to 55. 

57. A conditional access system substantially as herein described with reference to 
and as illustrated in the accompanying drawings, and especially Figures 5, 6 or 7 
thereof. 
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